<?php
/**
 * Oryx Users Module 
 * @version 0.1
 * @author Richard Adams
 */
class Users extends Controller {

	/**
	 * Class Constructor
	 * @return 
	 */
	public function __construct()
	{
		parent::Controller();
		$this->load->model('user');
		$this->auth->check();
		if(!$this->auth->check('level',5)) 
		{
		 	show_auth_error('admin/users - dont have access');
		}	
	}
	
	/**
	 * Users Default Page
	 * @return 
	 */
	public function index()
	{
		$this->view();
	}
	
	/**
	 * View all Users or individual    
	 * @return 
	 * @param object $id[optional] Individual id for User
	 */
	public function view($id = null)
	{
		if ($id != null) 
		{
			$data['content'] = $this->user->retrieve_by_pkey($id); 
			$this->oryx->render('users/view',$data,'admin');
		}
		else
		{
			$data['content'] = $this->user->findAll();
			$this->oryx->render('users/view_all',$data,'admin');
		}
	}
	
	/**
	 * Add new User
	 * @return 
	 */
	public function add()
	{	
		$this->form_validation->set_rules('display_name', 'Display Name', 'required|callback_check_name');
		$this->form_validation->set_rules('first_name', 'First Name', 'required');
		$this->form_validation->set_rules('last_name', 'Last Name', 'required');
		$this->form_validation->set_rules('email_address', 'Email Address', 'required|valid_email');
		$this->form_validation->set_rules('password', 'Password ', 'required|matches[passconf]');
		$this->form_validation->set_rules('passconf', 'Password Confirmation', 'required');
		$this->form_validation->set_rules('user_level', 'User Level', 'required');

		if ($this->form_validation->run() == FALSE)
		{
			$data['error'] = '';
			$this->oryx->render('users/add',$data,'admin');
		}
		else
		{
			$data = $this->get_form_values();
			
			$data['date_created']= date('Y-m-d');
			
			$encrypt_pass = $this->input->post('password', TRUE);
			$data['password'] = $this->auth->encrypt_password($encrypt_pass);
			$data['active'] = true;
			
	        $this->user->add($data);
	
			$data = $this->clear_form();
			$data['error'] = 'no';
	        $this->oryx->render('users/add',$data,'admin');
		}
	}
	
	/**
	 * Edit an User 
	 * @return 
	 * @param object $id[optional] Individual id for User
	 */
	public function edit($id = null)
	{
		if($id == null)
		{
			show_error('admin/users/edit - no id given');
		}
		
		$this->form_validation->set_rules('email_address', 'Email Address', 'valid_email');
		$this->form_validation->set_rules('password', 'New Password ', 'matches[passconf]');
		$this->form_validation->set_rules('passconf', 'New Password Confirmation' );


		if ($this->form_validation->run() == FALSE)
		{
			$data['error'] = '';
			$data['content'] = $this->user->retrieve_by_pkey($id); 
			$this->oryx->render('users/edit',$data,'admin');
		}
		else
		{
			$data = $this->get_form_values();
			
			$encrypt_pass = $this->input->post('password', TRUE);
			if($encrypt_pass) 
			{
			 	$data['password'] = $this->auth->encrypt_password($encrypt_pass);
			}
			
	        $this->user->modify($id, $data);
	

			$data['error'] = 'no';
			$data['content'] = $this->user->retrieve_by_pkey($id);
	        $this->oryx->render('users/edit',$data,'admin');
		}
		
	}
	
	/**
	 * Delete User
	 * @return 
	 * @param object $id[optional] Individual id for User
	 */
	public function delete($id = null)
	{
		if($id == null)
		{
			show_error('admin/users/delete - no id given');
		}
		
		if ($this->user->delete_by_pkey($id)) 
		{
			show_error('admin/users/delete - Yes! delete!');
		}
		else
		{
			show_error('admin/users/delete - could not delete');
		}

	}

	
	private function check_name($str)
	{
		if ($this->auth->check('name',$str))
		{
			$this->form_validation->set_message('check_name', 'Cant use this name!');
			return FALSE;
		}
		else
		{
			return TRUE;
		}
	}
	
	/**
	 * gets the form values
	 * @return array form data
	 */
	private function get_form_values() 
	{
		// XXS Filtering enforced for user input
		//$data['user_id']		= $this->input->post('user_id', TRUE);
		$data['display_name']		= $this->input->post('display_name', TRUE);
		$data['first_name']		= $this->input->post('first_name', TRUE);
		$data['last_name']		= $this->input->post('last_name', TRUE);
		$data['email_address']		= $this->input->post('email_address', TRUE);
		$data['user_level']		= $this->input->post('user_level', TRUE);
		$data['active']		= $this->input->post('active', TRUE);
		$data['date_last_login']		= $this->input->post('date_last_login', TRUE);
		$data['image_id']		= $this->input->post('image_id', TRUE);

	   return $data;

	}
	
	/**
	 * clears form array
	 * @return array empty
	 */
	private function clear_form() 
	{
		$data['user_id']		= '';
		$data['display_name']		= '';
		$data['first_name']		= '';
		$data['last_name']		= '';
		$data['email_address']		= '';
		$data['password']		= '';
		$data['user_level']		= '';
		$data['active']		= '';
		$data['date_created']		= '';
		$data['date_last_login']		= '';
		$data['image_id']		= '';

	  return $data;

	}
}